AML 8.3.3 AML 8.3.3(1) For the purposes of Rule 8.3.1(1)(b), and subject to (4), a Relevant Person must identify the Beneficial Owners of a Body Corporate in accordance with this Rule.(2) The Relevant Person must identify any natural person who:(a) owns or controls (in each case whether directly or indirectly) 25% or more of the shares or voting rights in the Body Corporate; or(b) controls the Body Corporate.(c) exercises ultimate control over the management of the Body Corporate.(3) For the purposes of (2)(b), a natural person controls a Body Corporate if such person:(a) holds, directly or indirectly:(i) 25% or more of the Body Corporate's shares;(ii) 25% or more of the voting rights in the Body Corporate; or(iii) the right to appoint or remove a majority of the board of directors of the Body Corporate; or(b) has the right to exercise, or actually exercises, significant influence or control over the Body Corporate.(4) A Relevant Person is not required to comply with Rule 8.3.1(1)(b) if the customer is:(a) a Listed Body Corporate; or(b) a Body Corporate that is wholly-owned by the Federal Government of the United Arab Emirates, or by any of the governments of the member Emirates of the United Arab Emirates; or(c) a Body Corporate created by Emiri decree within the United Arab Emirates.
Amended on (15 April, 2019).
Individuals2. A Relevant Person should, in complying with Rule 8.3.1(1)(a), and adopting the RBA, obtain, verify and record, for every Customer who is a Natural Person, the following identification information in either documentary (hard copy) or electronic form:a. true full name (or names) used;b. date and place of birth;c. nationality;d. complete current permanent address, including all relevant details with regard to country of residence; ande. telephone and email address.3. Items 2a. to 2c. above should be obtained by sighting a current valid passport or, where a Customer does not own a passport, an official identification document which includes a photograph.4. The following additional information may be requested depending on the facts and the nature and size of the transaction or the business relationship:a. occupation or profession, name of employer and location of activity;b. information regarding the nature of the business to be conducted;c. information regarding the origin of the funds;d. legal domicile or fiscal residence; ande. information regarding the Source of Wealth or income.5. The concept of domicile referred to at item 4d. above generally refers to the place which a Person regards as his permanent home and with which he has the closest ties or which is his place of origin.6. The address of a prospective Customer should enable a Relevant Person to physically locate the Customer. If P.O. Box numbers are customary to a country, additional methods of physically locating the Customer should be applied.7. Documentary evidence of identity:a. current, signed passport;b. current, signed ID card; orc. other identification documentation that is customary in the country of residence, such as a driving licence, including a clear photograph of the prospective Customer.8. A Relevant Person should ensure that any documents used for the purpose of identification are original documents.9. Where personal identity documents, such as a passport, ID card or other identification documentation cannot be obtained in original form, for example because a Relevant Person has no physical contact with the Customer, the identification documentation provided should be certified as a true copy of the original document by any one of the following:a. a registered lawyer;b. a registered notary;c. a chartered accountant;d. a government ministry;e. a post office;f. a police officer; org. an embassy or consulate.The individual or authority undertaking the certification should be contactable if necessary.
Where a copy of an original identification document is made by a Relevant Person, the copy should be dated, signed and marked with 'original sighted'.10. Documentary evidence of address:a. record of home visit;b. confirmation from an electoral register search that a Person of such a name lives at that address;c. tenancy agreement;d. utility bill; ore. local authority tax bill.
Unincorporated businesses or partnerships11. Evidence to be obtained in either documentary or electronic form:a. true full name or names;b. complete current registered and trading address, including relevant details with regard to country of establishment;c. telephone number and email address;d. fiscal residence;e. business activity;f. information on the nature of the business to be conducted;g. trading licence, with renewal date;h. a list of authorised signatories of the business or partnership;i. regulatory body, if applicable;j. information regarding the origin of funds; andk. information regarding the Source of Wealth/income.12. Documentary evidence of identity:a. the latest annual report and accounts, audited where applicable; andb. a certified copy of the partnership deed, to ensure that it has a legitimate purpose and to ascertain the nature of the business or partnership.13. Evidence of the trading address of the business or partnership should be obtained and may be verified with a visit to the place of business.
Guidance on Restricted Scope Companies14. The Restricted Scope Company is a corporate vehicle offering a greater degree of confidentiality than other forms of corporate entity in ADGM. Restricted Scope Companies are not required to file accounts and are not required to audit their accounts. Restricted Scope Companies must file an annual return, articles, and details of their registered offices, directors and secretary (if they have one) with the Registrar.15. Relevant Persons will know that the Restricted Scope Company is subject to less onerous corporate disclosure requirements than other forms of corporate entity due to the requirement to have "(Restricted)" in the company's name. Given that only a Restricted Scope Company's constitution and details of its registered office will be available in a public register, Relevant Persons will be required to have a bilateral dialogue with the Restricted Scope Company in accordance with the RBA to obtain any other relevant information which is needed to assess the money laundering risks to which it is exposed.16. Evidence to be obtained in either documentary or electronic form:a. true full name or names;b. registered address;c. telephone number and email address;d. fiscal residence;e. business activity;f. information regarding the origin of funds;g. information regarding the Source of Wealth/income; andh. the latest annual report and accounts, audited where applicable.
Corporate entities including Financial Institutions or Credit Institutions that are not covered by an exemption, including Financial Institutions or Credit Institutions that are not regulated by the Regulator or regulated in a FATF country17. Evidence to be obtained in either documentary or electronic form:a. registered corporate name and any trading names used;b. complete current registered address and any separate principal trading addresses, including all relevant details with regard to country of residence;c. telephone number and email address;d. date and place of incorporation;e. corporate registration number;f. fiscal residence;g. business activity;h. regulatory body, if applicable;i. name and address of Group, if applicable;j. legal form;k. name of external auditor;l. information regarding the nature and level of the business to be conducted;m. information regarding the origin of the funds; andn. information regarding the Source of Wealth/income.18. Documentary evidence of identity:a. copy of the extract of the register of the regulator or exchange, or state law or edict creating the entity, in case of regulated, listed or state-owned companies;b. certified copy of the articles of association or statutes;c. certified copy of either the certificate of incorporation or the trade register entry and the trading licence, including the renewal date;d. latest annual report, audited and published if applicable;e. certified copies of the list of authorised signatories specifying who is authorised to act on behalf of the Customer account and of the board resolution authorising the signatories to operate the account;f. certified copies of the identification documentation of the authorised signatories;g. names, country of residence, nationality of Directors or partners and of the members of the Governing Body; andh. list of the main shareholders holding more than 5% of the issued capital.19. If the applying Customer is not obliged to publish an audited annual report, adequate information about the financial accounts should be obtained.20. A Relevant Person should verify that the applying Customer is active and has not been, or is not in the process of being dissolved, wound-up or terminated.
Trusts, nominees and fiduciaries21. In addition to the identification documentation listed under 'corporate entities' (Paragraphs 17 to 20 above), the following information and documentation should be obtained:a. identity of any settlor, the trustee and any principal controller who has the power to remove the trustee, as well as the identity of the Beneficial Owner;b. a certified copy of the trust deed, to ascertain the nature and purpose of the trust; andc. documentary evidence of the appointment of the current trustees.22. A Relevant Person should ensure that it is advised about any changes concerning the individuals who have control over the funds, and concerning the Beneficial Owners.23. Where a trustee, principal controller or Beneficial Owner who has been identified is about to be replaced, the identity of the new trustee, principal controller or Beneficial Owner should be verified before they are allowed to exercise control over the funds.
Authorised Persons and Recognised Bodies regulated by the Regulator or Financial Institutions or Credit Institutions regulated in a FATF country24. Pursuant to the exception under Simplified Customer Due Diligence, identification evidence is generally not required for Customers of a firm who are themselves Authorised Persons, Auditors, Recognised Clearing Houses or Recognised Investment Exchanges registered or regulated by the Regulator or are Financial Institutions or Credit Institutions regulated by any FATF country's relevant Non-ADGM Financial Services Regulator or other relevant regulatory authority or regulator.25. However, the confirmation of the existence of such a relevant firm or institution and its regulatory status, including the application of AML applying in the ADGM or equivalent AML provisions, should be verified by the Relevant Person prior to entering into a Customer relationship. Regular professional and commercial checks and due diligence investigations should still be performed. The Relevant Person should verify the regulatory status of the firm or institution by one of the following means:a. requesting confirmation from the relevant Non-ADGM Financial Services Regulator or other relevant regulatory authority, regulator, body, or home country Central Bank; orb. requesting a certified copy of a relevant licence or authorisation to conduct financial or banking business from the firm or institution.
Clubs, cooperative, charitable, social or professional societies26. A Relevant Person should take steps to satisfy itself as to the legitimate purpose of clubs and societies by, for example, obtaining a certified copy of the constitution of the organisation.27. The identity of the principal signatories and controllers should be verified in accordance with the requirements for private individuals. The capacity of the signatories to act on behalf of the club or society and the identity of Beneficial Owners of the funds should be established and verified.28. A Relevant Person should consider the following items while completing the Customer identification requirements for a Client which is a charitable society:a. whether the charity is licensed or permitted by a regulatory authority, regulator or government entity in its home country. (Note: charities in the U.A.E. are required to obtain from the U.A.E. Minister of Labour and Social Affairs a certificate which confirms their identity, permits them to open bank accounts and states whether they are permitted to collect donations and make financial transfers outside the U.A.E. through such bank accounts);b. the type and quality of regulation to which the charity is subject in its home state;c. the structure and overall character of management and trustees;d. whether the charity allows donors to specify beneficiaries. If yes, then it would be prudent to ensure that such charities are closely regulated;e. the pattern of beneficiaries: a small number of targeted beneficiaries could indicate potential risks;f. whether the charity and its functioning is dominated by a few large donors and the pattern of donors; andg. whether it is a private foundation as, if it is, it is more likely to be dominated by a single donor and linked to a small number of beneficiaries which will necessitate scrutiny of both the donor and the beneficiaries.29. The Regulator may, from time to time:a. review the relevant guidance in light of changing money laundering legislation issued by the U.A.E. Central Bank, money laundering trends and techniques and according to international standards, in order to keep the guidance current; andb. provide such other guidance as it deems appropriate regarding Customer identification obligations.30. The Regulator expects that a Relevant Person will take these changes into account by amending, as appropriate, its policies, procedures, systems and controls.31. Sound "Know Your Customer" arrangements have particular relevance to the safety and soundness of a Relevant Person, in that:a. they help to protect its reputation and the integrity of the ADGM by reducing the likelihood of Relevant Persons becoming a vehicle for, or a victim of, financial crime and suffering consequential reputational damage; andb. they constitute an essential part of sound risk management, for example by providing the basis for identifying, limiting and controlling risk exposures to assets and liabilities, including assets under management.
Risk-Based Approach32. Any inadequacy of "Know Your Customer" standards can expose Relevant Persons to serious business operation and control risks.33. In complying with Rule 8.3.1(1)(a), a Relevant Person should adopt an RBA for the Customer identification and verification process. Depending on the money laundering risk assessment regarding the Relevant Person's Customer, the Relevant Person should decide to what level of detail the Customer identification and verification process will need to be performed. The risk assessment regarding a Customer should be recorded in the Customer file.34. The RBA does not release a Relevant Person from its overall obligation to identify fully and obtain evidence of Customer identification to the Regulator's satisfaction.35. A Relevant Person is advised that in cases of doubt it should adopt a stricter rather than a moderate approach in its judgement concerning the risk level and the level of detail to which Customer identification is performed and evidence obtained.
No Original Documents36. In complying with Rule 8.3.1(1)(a), it may not always be possible to obtain original documents. Where identification documents cannot be obtained in original form, for example because a Relevant Person has no physical contact with the Customer, the Relevant Person should obtain a copy certified as a true copy by a Person of good standing such as a registered lawyer or notary, a chartered accountant, a bank manager, a police officer, an Employee of the Person's embassy or consulate, or other similar Person. The Regulator considers that downloading publicly-available information from an official source (such as a regulator's or other official government website) is sufficient to satisfy the requirements of Rule 8.3.1(1)(a). The Regulator also considers that CDD information and research obtained from a reputable company or information-reporting agency may also be acceptable as a reliable and independent source as would banking references and, on a risk-sensitive basis, information obtained from researching reliable and independent public information found on the internet or on commercial databases.37. For higher risk situations the Regulator would expect identification information to be independently verified, using both public and non-public sources. For lower risk situations, not all of the relevant identification information would need to be verified.38. In complying with Rule 8.3.1(1)(b) and (c), a Relevant Person is required to "understand" a Customer's Source of Funds and wealth. This would mean obtaining information from the Customer or from a publicly-available source on the Source of Funds and wealth. For a public company, this might be achieved by looking at their published accounts. For a natural or Legal Person, this might involve including a question on Source of Funds and wealth in an application form or Client questionnaire. Understanding a Customer's Source of Funds and wealth is also important for the purposes of undertaking on-going due diligence under Rule 8.3.1(1)(d).39. An insurance policy which is similar to a life policy would include life-related protection, or a pension, or investment product which pays out to the policy holder or beneficiary upon a particular event occurring or upon redemption.
Guidance on verification of Beneficial Owner40. In determining whether an individual meets the definition of a Beneficial Owner or controller, regard should be had to all the circumstances of the case, in particular the size of an individual's legal or beneficial ownership in a Transaction. The question of what is a "small" ownership interest for the purposes of the definition of a Beneficial Owner will depend on the individual circumstances of the Customer. The Regulator considers that the question of whether an ownership interest is small should be considered in the context of the Relevant Person's knowledge of the Customer and the Customer risk assessment and the risk of money laundering.41. When verifying Beneficial Owners under Rule 8.3.1(1)(a), a Relevant Person is expected to adopt a substantive (as opposed to form over substance) approach to CDD for Legal Persons. Adopting a substantive approach means focusing on the money laundering risks of the Customer and the product/service and avoiding an approach which focuses purely on the legal form of an arrangement or sets fixed percentages at which Beneficial Owners are identified (or not). It should take all reasonable steps to establish and understand a corporate Customer's legal ownership and control and to identify the Beneficial Owner. The Regulator does not set explicit ownership or control thresholds in defining the Beneficial Owner because the Regulator considers that the applicable threshold to adopt will ultimately depend on the risks associated with the Customer, and so the Regulator expects a Relevant Person to adopt the RBA and justify on reasonable grounds an approach which is proportionate to the risks identified. A Relevant Person should not set fixed thresholds for identifying the Beneficial Owner without objective and documented justification as required by Rule 5.1.1. An overly formal approach to defining the Beneficial Owner may result in a criminal "gaming" the system by always keeping his financial interest below the relevant threshold.42. The Regulator considers that in some circumstances no threshold should be used when identifying Beneficial Owners because it may be important to identify all underlying Beneficial Owners in order to ensure that they are not associated or connected in some way. This may be appropriate where there are a small number of investors in an account or fund, each with a significant financial holding and the Customer-specific risks are higher. However, where the Customer-specific risks are lower, a threshold can be appropriate. For example, for a low-risk corporate Customer combined with a lower-risk product or service, a percentage threshold may be appropriate for identifying "control" of the Legal Person for the purposes of the definition of a Beneficial Owner.43. For a retail investment fund which is widely-held and where the investors invest via pension contributions, the Regulator would not expect the manager of the fund to look through to any underlying investors where there are none with any material control or ownership levels in the fund. However, for a closely-held fund with a small number of investors, each with a large shareholding or other interest, the Regulator would expect a Relevant Person to identify and verify each of the Beneficial Owners, depending on the risks identified as part of its risk-based assessment of the Customer. For a corporate health policy with defined benefits, the Regulator would not expect a Relevant Person to identify the Beneficial Owners.44. Where a Relevant Person carries out identification and verification in respect of actual and potential Beneficial Owners of a trust, this should include the trustee, the settlor, the protector, the enforcer, the beneficiaries, other Persons with power to appoint or remove a trustee and any Person entitled to receive a distribution, whether or not such Person is a named beneficiary.
Guidance on Politically Exposed Persons and corruption45. Individuals who have, or have had, a high political profile, or hold, or have held, public office, can pose a higher money laundering risk to a Relevant Person as their position may make them vulnerable to corruption. This risk also extends to members of their families and to known close associates. PEP status itself does not, of course, incriminate individuals or entities. It does, however, put the Customer into a higher risk category.46. Generally, a foreign PEP presents a higher risk of money laundering because there is a greater risk that such Person, if he were committing money laundering, would attempt to place his money offshore where he is less likely to be recognised as a PEP and where it would be more difficult for law enforcement agencies in his home jurisdiction to confiscate or freeze his criminal property.47. Due diligence to uncover information about PEPs can be time consuming and difficult, requiring close fact checking of the names, dates of birth, photographs and identification numbers of individuals against reputable PEP lists. However, despite the development of such lists by certain vendors, as well as the United Nations' compilation of a list of heads of states which fall within the FATF definition of PEPs, there is no "official" centralised global PEP list. It is therefore left to each Relevant Person to determine whether they would like to internally develop their own database or list of PEPs as a due diligence tool.48. Where a Customer relationship is maintained with a PEP, detailed monitoring and due diligence procedures should include:a. analysis of any complex structures, for example involving trusts or multiple jurisdictions;b. appropriate measures to establish the Source of Wealth;c. development of a profile of expected activity for the business relationship in order to provide a basis for Transaction and account monitoring;d. initial screening and due diligence prior to the account opening;e. Senior Management approval for the account opening;f. regular oversight of the relationship with a PEP by Senior Management; andg. ongoing and periodical screening of accounts opened by PEPs.49. A Relevant Person is advised that Customer relationships with family members or close associates of PEPs involve similar risks to those with PEPs themselves.50. Corruption-related money laundering risk increases when a Relevant Person deals with a PEP. Corruption may involve serious crimes and has become the subject of increasing global concern. Corruption offences are predicate crimes under Federal Law No. 4 of 2002.51. The Regulator considers that after leaving office a PEP may remain a higher risk for money laundering if such Person continues to exert political influence or otherwise pose a risk of corruption.
Guidance on Insurers52. With regard to Insurers, the following "Know Your Customer" verification and identification set out in this section should be taken into account.53. An Insurer undertaking verification should establish to its satisfaction that every verification subject exists. All verification subjects of joining applicants for Insurance Business should normally be verified. In the case of arrangements such as trusts, nominee companies and front companies, verification should include an assessment of the substance of the arrangement, for example in relation to settlors, trustees and beneficiaries.54. An Insurer should carry out verification in respect of the parties entering into the Contract of Insurance. On some occasions there may be underlying principals and, if this is the case, the true nature of the relationship between principals and the policyholders should be established and appropriate enquiries performed about the former, especially if the policyholders are accustomed to acting on their instructions. 'Principal' should be understood in its widest sense to include, for example, Beneficial Owners, settlors, controlling shareholders, Directors and major beneficiaries.
Guidance on electronic money55. The following factors will increase the risk of electronic money products being used for money laundering or terrorist financing:a. high, or no, Transaction or purse limits: the higher the value and frequency of Transactions, and the higher the purse limit, the greater the risk, particularly where Customers are permitted to hold multiple purses;b. frequent cross-border Transactions, unless within a single scheme, can give rise to difficulties with information sharing: dependence on counterparty systems increases the risk;c. funding of purses by unverified parties presents a higher risk of money laundering, whether it is the Customer who is unverified or a third party;d. funding of purses using cash offers little or no audit trail of the source of the funds and hence presents a higher risk of money laundering;e. funding of purses using electronic money products that have not been verified may present a higher risk of money laundering;f. the non-face-to-face nature of many products gives rise to increased risk;g. the ability of consumers to hold multiple purses (for example, open multiple accounts or purchase a number of cards) without verification of identity increases the risk;h. cash access, for example by way of ATMs, as well as an allowance for the payment of refunds in cash for purchases made using electronic money, will increase the risk;i. increased product functionality may, in some instances, give rise to a higher risk of money laundering (product functionality includes Person-to-business, Person-to-Person, and business-to-business transfers);j. products that feature multiple cards linked to the same account increase the utility provided to the user, but may also increase the risk of money laundering, particularly where the Customer is able to pass on linked 'partner' cards to anonymous third parties;k. segmentation of the business value chain, including use of multiple agents and outsourcing, in particular to overseas locations, may give rise to a higher risk; andl. the technology adopted by the product may give rise to specific risks that should be assessed.56. Electronic money issuers should address the risks that are inherent in payments in a similar manner to other retail products: by putting in place systems and controls that prevent money laundering and terrorist financing by detecting unusual Transactions and predetermined patterns of activity.57. The systems and controls electronic money issuers put in place must be commensurate with the money laundering and terrorist financing risk to which they are exposed. The detail of electronic money issuers' systems and controls will therefore vary. Examples include those that:a. place limits on purse storage values, cumulative turnover or amounts transacted;b. can detect money laundering Transaction patterns;c. will detect anomalies to normal Transaction patterns;d. can identify multiple purses held by a single individual or group of individuals, such as the holding of multiple accounts or the 'stockpiling' of pre-paid cards;e. can look for indicators of accounts being opened with different electronic money issuers as well as attempts to pool funds from different sources;f. can identify discrepancies between submitted and detected information, for example between country of origin submitted information and the electronically-detected IP address;g. deploy sufficient resources to address money laundering risks, including, where necessary, specialist expertise for the detection of suspicious activity;h. allow collaboration with merchants that accept electronic money to identify and prevent suspicious activity; andi. restrict funding of electronic money products to funds drawn on accounts held in the ADGM.